When it comes to requesting firewall rules, network zones, open ports, or any security need, the process is often done via a ticketing system. Then, when the request is fulfilled, it is up to the requestor to make sure that it is correct. Usually, this is done once or twice and then life goes on.
As more requests come in and the environment keeps constantly changing because of infrastructure refreshes it becomes nearly impossible to show that the changes have not circumvented or completely altered the original policies.
These security issues and major losses in time are what drove us to develop CognitiveOps Security, an automated security protocol designed to streamline the security enforcement procedure, saving you time and money.
How it works
For most configuration management options available today (like Puppet, Chef, or Ansible), the task of validating firewall rules and policies gets back to rudimentary tests using network utilities. Cognitive Ops Security uses our Network and Firewall Rules validation tool, taking the pain out of this task, and providing a continuous view of compliance through automated testing.
[qode_elements_holder number_of_columns=”two_columns” columns_proportion=”25_75″][qode_elements_holder_item vertical_alignment=”middle” advanced_animations=”no” item_padding=”20px 30px 20px 0px”]
[/qode_elements_holder_item][qode_elements_holder_item vertical_alignment=”middle” advanced_animations=”no” item_padding=”20px 0px 20px 30px”]
First, we plug into the firewall request and provide an automated, up-to-date view showing the current status of how the infrastructure has been deployed.
[/qode_elements_holder_item][/qode_elements_holder][qode_elements_holder number_of_columns=”two_columns” columns_proportion=”25_75″][qode_elements_holder_item vertical_alignment=”middle” advanced_animations=”no” item_padding=”20px 30px 20px 0px”]
[/qode_elements_holder_item][qode_elements_holder_item vertical_alignment=”middle” advanced_animations=”no” item_padding=”20px 0px 20px 30px”]
Given a firewall request for an application or CBS, Cognitive Ops Security then runs a series of checks to test the implementation. We look at reachability using ping, traceroute, and nmap to scan for open ports, and nslookup to check DNS. All of the results are documented so that you can easily search for firewall rules and applications with batch validation.
[/qode_elements_holder_item][/qode_elements_holder][qode_elements_holder number_of_columns=”two_columns” columns_proportion=”25_75″][qode_elements_holder_item vertical_alignment=”middle” advanced_animations=”no” item_padding=”20px 30px 20px 0px”]
[/qode_elements_holder_item][qode_elements_holder_item vertical_alignment=”middle” advanced_animations=”no” item_padding=”20px 0px 20px 30px”]
Our easy-to-use dashboard allows you to quickly drill down to deviations from the defined policies and provides a history of tests performed and deviations detected. The testing schedule is completely configurable, so you can specify both test sequences and frequency.
